Showing
2 changed files
with
34 additions
and
1 deletions
@@ -81,4 +81,37 @@ public class AdminAccountController { | @@ -81,4 +81,37 @@ public class AdminAccountController { | ||
81 | tokenManager.deleteToken(USPIH_TOKEN_PREFIX + admin.getId()); | 81 | tokenManager.deleteToken(USPIH_TOKEN_PREFIX + admin.getId()); |
82 | return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK); | 82 | return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK); |
83 | } | 83 | } |
84 | + | ||
85 | + | ||
86 | + @AntiXSS | ||
87 | + @RequestMapping(method = RequestMethod.PUT) | ||
88 | + @ApiOperation(value = "USPIH Login and modify password", notes = "loginmodpwd") | ||
89 | + public ResponseEntity<ResultModel> loginModPwd(@RequestParam String account, @RequestParam String password, @RequestParam String newpwd) { | ||
90 | + Assert.notNull(account, "account can not be empty"); | ||
91 | + Assert.notNull(password, "password can not be empty"); | ||
92 | + | ||
93 | + XklAdminEntity admin = adminRepository.findByAccountAndStatus(account, Constants.STATUS_OK); | ||
94 | + //未注册 | ||
95 | + if (admin == null) { | ||
96 | + //提示用户名或密码错误 | ||
97 | + return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK); | ||
98 | + } | ||
99 | + String salt = admin.getSalt(); | ||
100 | + String pass_in_db = admin.getPwd(); | ||
101 | + String calcuPass = SecurityTool.getPassword(account, password, salt); | ||
102 | + if (!calcuPass.equals(pass_in_db) ||//密码错误 | ||
103 | + admin.getStatus() != 1) {//用户无效 | ||
104 | + //提示用户名或密码错误 | ||
105 | + return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK); | ||
106 | + } | ||
107 | + salt = SecurityTool.genSalt(); | ||
108 | + String pass2Db = SecurityTool.getPassword(admin.getAccount(), newpwd, salt); | ||
109 | + admin.setPwd(pass2Db); | ||
110 | + admin.setSalt(salt); | ||
111 | + adminRepository.save(admin); | ||
112 | + //生成一个token,保存用户登录状态 | ||
113 | + TokenModel model = tokenManager.createToken(USPIH_TOKEN_PREFIX + admin.getId()); | ||
114 | + return new ResponseEntity<>(ResultModel.ok(model), HttpStatus.OK); | ||
115 | + } | ||
116 | + | ||
84 | } | 117 | } |
-
Please register or login to post a comment